Skip to content

Wrong exception thrown by MLKem.ImportPkcs8PrivateKey for a too-small buffer #115063

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
PranavSenthilnathan opened this issue Apr 25, 2025 · 1 comment · Fixed by #115066
Closed

Wrong exception thrown by MLKem.ImportPkcs8PrivateKey for a too-small buffer #115063

PranavSenthilnathan opened this issue Apr 25, 2025 · 1 comment · Fixed by #115066
Assignees
@vcsjones
Labels
area-System.Security
Milestone
10.0.0

Comments

@PranavSenthilnathan
Copy link
Member

CryptographicException should be thrown when MLKem.ImportPkcs8PrivateKey is called with an input buffer that is shorter than expected, but AsnContentException is thrown instead.

[Fact]
public static void ArgumentValidation_MalformedAsnEncoding()
{
    // Generate a valid ASN.1 encoding
    AsnWriter writer = new AsnWriter(AsnEncodingRules.BER);
    writer.WriteOctetString("some data"u8);
    byte[] encodedBytes = writer.Encode();
    int encodedLength = encodedBytes.Length;

    // Add a trailing byte
    Array.Resize(ref encodedBytes, encodedLength + 1);
    Assert.Throws<CryptographicException>(() => MLKem.ImportPkcs8PrivateKey(encodedBytes));

    // Remove the last byte so the length indicated in the encoding will be larger than the actual data.
    Array.Resize(ref encodedBytes, encodedLength - 1);
    Assert.Throws<CryptographicException>(() => MLKem.ImportPkcs8PrivateKey(encodedBytes)); // <-- FAILS
}

Error is thrown from:

runtime/src/libraries/Common/src/System/Security/Cryptography/MLKem.cs

Line 1746 in 32463ba

AsnDecoder.ReadEncodedValue(data, AsnEncodingRules.BER, out _, out _, out int bytesRead);

Test Failure:

      System.Security.Cryptography.Tests.MLKemTests.ArgumentValidation_MalformedAsnEncoding [FAIL]
        Assert.Throws() Failure: Exception type was not an exact match
        Expected: typeof(System.Security.Cryptography.CryptographicException)
        Actual:   typeof(System.Formats.Asn1.AsnContentException)
        ---- System.Formats.Asn1.AsnContentException : The encoded length exceeds the number of bytes remaining in the input buffer.
        Stack Trace:
          /mnt/d/git/runtime-base2/src/libraries/Common/tests/System/Security/Cryptography/MLKemTests.cs(824,0): at System.Security.Cryptography.Tests.MLKemTests.ArgumentValidation_MalformedAsnEncoding()
             at System.RuntimeMethodHandle.InvokeMethod(ObjectHandleOnStack target, Void** arguments, ObjectHandleOnStack sig, BOOL isConstructor, ObjectHandleOnStack result)
             at System.RuntimeMethodHandle.InvokeMethod(ObjectHandleOnStack target, Void** arguments, ObjectHandleOnStack sig, BOOL isConstructor, ObjectHandleOnStack result)
          /mnt/d/git/runtime-base2/src/coreclr/System.Private.CoreLib/src/System/RuntimeHandles.cs(1159,0): at System.RuntimeMethodHandle.InvokeMethod(Object target, Void** arguments, Signature sig, Boolean isConstructor)
          /mnt/d/git/runtime-base2/src/coreclr/System.Private.CoreLib/src/System/Reflection/MethodBaseInvoker.CoreCLR.cs(36,0): at System.Reflection.MethodBaseInvoker.InterpretedInvoke_Method(Object obj, IntPtr* args)
          /mnt/d/git/runtime-base2/src/libraries/System.Private.CoreLib/src/System/Reflection/MethodBaseInvoker.cs(57,0): at System.Reflection.MethodBaseInvoker.InvokeWithNoArgs(Object obj, BindingFlags invokeAttr)
          ----- Inner Stack Trace -----
          /mnt/d/git/runtime-base2/src/libraries/System.Formats.Asn1/src/System/Formats/Asn1/AsnDecoder.cs(172,0): at System.Formats.Asn1.AsnDecoder.ReadEncodedValue(ReadOnlySpan`1 source, AsnEncodingRules ruleSet, Int32& contentOffset, Int32& contentLength, Int32& bytesConsumed)
          /mnt/d/git/runtime-base2/src/libraries/Common/src/System/Security/Cryptography/MLKem.cs(1746,0): at System.Security.Cryptography.MLKem.ThrowIfTrailingData(ReadOnlySpan`1 data)
          /mnt/d/git/runtime-base2/src/libraries/Common/src/System/Security/Cryptography/MLKem.cs(1239,0): at System.Security.Cryptography.MLKem.ImportPkcs8PrivateKey(ReadOnlySpan`1 source)
          /mnt/d/git/runtime-base2/src/libraries/Common/src/System/Security/Cryptography/MLKem.cs(1254,0): at System.Security.Cryptography.MLKem.ImportPkcs8PrivateKey(Byte[] source)
          /mnt/d/git/runtime-base2/src/libraries/Common/tests/System/Security/Cryptography/MLKemTests.cs(824,0): at System.Security.Cryptography.Tests.MLKemTests.<>c__DisplayClass62_0.<ArgumentValidation_MalformedAsnEncoding>b__1()
@ghost ghost added the area-System.Security label Apr 25, 2025
@dotnet-policy-service dotnet-policy-service bot added the untriaged New issue has not been triaged by the area owner label Apr 25, 2025
@dotnet-policy-service Dotnet Policy Service
Copy link
Contributor

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

@vcsjones vcsjones mentioned this issue Apr 25, 2025
Merged
@vcsjones vcsjones added this to the 10.0.0 milestone Apr 25, 2025
@vcsjones vcsjones removed the untriaged New issue has not been triaged by the area owner label Apr 25, 2025
@vcsjones vcsjones self-assigned this Apr 25, 2025
@github-actions github-actions bot locked and limited conversation to collaborators May 30, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@vcsjones vcsjones

Labels
area-System.Security
Projects
None yet
Milestone
10.0.0
Development

Successfully merging a pull request may close this issue.

ML-KEM: Fix-up ASN.1 reading and writing logic vcsjones/runtime
2 participants
@vcsjones @PranavSenthilnathan